FEMA hacked: Anonymous hacks US server in defense of Snowden and government transparency

Hackers from within the Anonymous collective claim to have broken into a server used by the Federal Emergency Management Agency (FEMA) and say they will release the stolen data in what would be one of the highest-profile security breaches since the release of secret NSA documents by Edward Snowden.

In a document shared with GlobalPost on Tuesday night and published online Wednesday, the hacker collective revealed data that includes information on user accounts and passwords of what appear to be government employees. Several of the email addresses linked to those user accounts are hosted on .mil and .gov domains.

FEMA did not respond to requests for comment from GlobalPost on Wednesday.

Anons, as the hackers are known, involved in the breach say they are looking to assert themselves as a force to be reckoned with following global crackdowns on hackers. In addition, they want to call attention to government collusion with the private sector in for-profit information security initiatives.

“Anonymous does not wave the white flag. Not while we are faced with a daily stream of abominable revelations from Edward Snowden and others, not while the battle for the very soul, the very original purpose, of the internet escalates in severity daily,” read a statement by a representative of Anonymous and obtained by GlobalPost.

But above all, they are sending a message to the US intelligence community and their allies.

“There is a complex web of ties between companies likes Obsidian Analysis and government agencies, an incestuous crossover of money and influence,” one Anon told GlobalPost. “We intend to not only expose these links but also to delve as deeply as possible into the individual players.”

In its statement, the collective draws attention to a 2012 “National Level Exercise” undertaken by Obsidian Analysis, a company contracted by FEMA to test national disaster responses to a major cyberattack, as a prime example of the consequences of those links. In a simulated cyberattack, Obsidian created a mock news broadcast detailing an offensive launched by “the Void” — a fictitious group of hacktivists that closely resembles Anonymous.

In the mock video, actual journalist and former CNN correspondent Jeanne Meserve played an anchor. “A network of hacktivists known as The Void today threatened to unleash, and I’m quoting here, ‘a global day of extreme action against US interests and organizations, both private and government-related,’” she read.

Watch her remarks in full:

A few months following the “successful” exercise in cyberattack response, FEMA Chief of Staff Jason McNamara joined Obsidian Analysis as vice president. For the hackers, the quick switch from the public sector to a closely associated private contractor was enough to raise suspicions of collusion. Anonymous alleges that McNamara’s transition to the private sector is evidence of a profit-driven motive for the escalation of cyber warfare.

Anonymous has suffered from infighting and confusion in recent months, resulting in sloppy hacking operations like OpNorthKorea. In that operation, intended to be an attack against what is deemed to be a dictatorial North Korean regime, several South Korean sites were hacked, but promises to reveal secret North Korean military documents were never fulfilled.

But this fresh attack against FEMA, a US target, more closely resembles the powerful and organized Anonymous of old. In contrast to Anonymous Twitter campaigns that openly advertise pet political causes, this attack was meant to come as a complete surprise and to embarrass a powerful US government entity.

Members of the hacktivist group insist it's a public service.

“Quis custodiet ipsos custodes?” one Anon said to GlobalPost, using a Latin phrase meaning, “Who watches the watchmen?”

“Anonymous can guarantee that we are watching” the US intelligence community, the hacker added.